This IP address has been reported a total of
34
times from
27 distinct
sources.
66.245.219.168 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Attempted access to sensitive endpoint (/wp-content/155.php) detected. Automated scan or unauthorize ...
show moreAttempted access to sensitive endpoint (/wp-content/155.php) detected. Automated scan or unauthorized probing.
show less
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 66.245.219.168 (JP/Japan/-): 1 in the last 36 ...
show more(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 66.245.219.168 (JP/Japan/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 66.245.219.168 - - [21/Jun/2026:02:29:32 +0200] "GET /breads1.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=papertek.it
show less
Attempted access to sensitive endpoint (/wp-admin/maint/index.php) detected. Automated scan or unaut ...
show moreAttempted access to sensitive endpoint (/wp-admin/maint/index.php) detected. Automated scan or unauthorized probing.
show less
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 66.245.219.168 (JP/Japan/-): 1 in the last 36 ...
show more(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 66.245.219.168 (JP/Japan/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 66.245.219.168 - - [20/Jun/2026:22:57:15 +0200] "GET /test1.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=papertek.it
show less
Port Scan
Anonymous
Bot / scanning and/or hacking attempts: GET /wp-admin/index.php HTTP/1.1, GET /403.php HTTP/1.1, GET ...
show moreBot / scanning and/or hacking attempts: GET /wp-admin/index.php HTTP/1.1, GET /403.php HTTP/1.1, GET /autoload_classmap/function.php HTTP/1.1, GET /av.php HTTP/1.1, GET /ant.php HTTP/1.1, GET /storage/rip.php HTTP/1.1, GET /wp-includes/ HTTP/1.1, GET /ws.php HTTP/1.1, GET /.well-known/gecko-litespeed.php HTTP/1.1, GET /wp-trackback.php HTTP/1.1, GET /wp-admin/includes/ HTTP/1.1, GET /tinyfilemanager.php HTTP/1.1, GET /1index.php HTTP/1.1, GET /autoload_classmap.php HTTP/1.1, GET /wp-content/plugins/index.php HTTP/1.1, GET /wp-content/plugins/core-plugin/include.php HTTP/1.1, GET /wp-content/themes/pridmag/b.php HTTP/1.1, GET /wp-includes/images/ HTTP/1.1, GET /.bod/.ll/ HTTP/1.1, GET /wp-includes/bk/ HTTP/1.1, GET /tool.php HTTP/1.1, GET /0.php HTTP/1.1, GET /wp-content/upgrade/index.php HTTP/1.1
show less
Attempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthori ...
show moreAttempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthorized probing.
show less
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 66.245.219.168 (JP/Japan/-): 1 in t ...
show moreLF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 66.245.219.168 (JP/Japan/-): 1 in the last 3600 secs
show less
Web App Attack
Showing 1 to
15
of 34 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ